Windows Azure Customer Solution Case Study Lockheed Martin Merges Cloud Agility with Premises Control to Meet Customer Needs Overview Country or Region: United States Industry: Manufacturing Customer Profile With 136,000 employees and 2009 sales of U.S.$45.2 billion, Lockheed Martin operates in four business areas: Aeronautics, Space Systems, Electronic Systems, and Information Systems and Global Solutions. Business Situation Lockheed Martin wanted to deliver the performance and flexibility of cloud computing to its customers, while enabling them to balance security, privacy and confidentiality concerns. Solution Lockheed Martin used Windows Azure to develop the Thundercloud™ design pattern, which integrates on-premises infrastructures with compute, storage, and application services in the cloud. Benefits Agility and speed Enhanced infrastructure at lower costs On-demand, usage-based model Ubiquitous access “Our customers believe that, by using cloud computing, they can save between 40 and 60 percent of the infrastructure cost that they would normally spend in order to achieve the same capabilities.” Melvin Greer, Chief Strategist, Cloud Computing, Information Systems and Global Solutions, Lockheed Martin Headquartered in Bethesda, Maryland, Lockheed Martin is a global security company that employs about 136,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration, and sustainment of advanced technology systems, products, and services. The company wanted to help its customers obtain the benefits of cloud computing, while balancing security, privacy, and confidentiality concerns. The company used Windows Azure to develop the Thundercloud™ design pattern, which integrates onpremises infrastructure with compute, storage, and application services in the cloud. Now, Lockheed Martin can provide its customers with vast computing power, enhanced business agility, and reduced costs of application infrastructure, while maintaining full control of their data and security processes. “Windows Azure has the elasticity and scalability we need to … add or subtract computing, storage, and datatransfer resources for mission applications on demand; access the resources from any device via the Internet; and pay for them based on utilization.” Melvin Greer, Chief Strategist, Cloud Computing, Information Systems and Global Solutions, Lockheed Martin Situation Headquartered in Bethesda, Maryland, Lockheed Martin is a global security company that employs about 136,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration, and sustainment of advanced technology systems, products, and services. The corporation reported 2009 sales of U.S.$45.2 billion. While Lockheed Martin is well known as a premier defense contractor, the company also develops innovative IT solutions for government, healthcare, and energy markets. In fact, Lockheed Martin is the largest provider of IT services to the United States government, helping the Department of Defense and other federal agencies manage challenges such as cyber security, energy consumption, and development and climate change. “Lockheed Martin customers need the capacity to respond dynamically and comprehensively to some of the country’s most serious business challenges, from conducting the U.S. Census to launching manned missions to Mars,” says Melvin Greer, Chief Strategist, Cloud Computing, Information Systems and Global Solutions at Lockheed Martin. “We need the capacity to respond with agility and flexibility to the needs of government customers.” Since 2009, the U.S. government and Lockheed Martin have been evaluating cloud computing—the use of computing and data storage resources that are hosted in an external data center and accessible as consumption-based application services through the network. Lockheed Martin cloud-computing strategy is built on a foundation of innovation and partnership. The company understands that despite the perceived risks, cloud computing can provide fast and flexible access to IT resources for its customers, while lowering the government’s significant ownership costs. In an on-premises IT infrastructure, an agency invests in the purchase, configuration, management, and maintenance of on-site computing hardware and software to meet its IT requirements. By using cloud computing, an agency can subscribe to services and pay for just the resources it uses as it needs them. “The consumption-based cost model in the cloud is extremely appealing to our government customers,” says Greer. Today, cloud computing is an important component of the federal government’s IT strategy. But Lockheed Martin’s federal government customers must maintain strict control over their systems, and they must use every precaution to protect confidential and often sensitive information. In fact, federal regulations restrict some kinds of government data from being stored outside the government’s direct control. “We can’t talk about cloud computing inside Lockheed Martin without addressing security, access control, and confidentiality,” says Greer. “So our goal is to balance these risks, while helping our customers realize the promise of cloud computing: speed, agility, and lower costs.” Solution To deliver the performance and flexibility of cloud computing to its customers, while addressing their critical security requirements, Lockheed Martin developed the Thundercloud™ design pattern in 2009. Design patterns are important tools used by engineers, architects, and software developers to provide technical solutions faster, with consistent compliance to best practices, all at a lower cost. Thundercloud™ helps cloud computing implementers integrate on-premises IT infrastructure with computing, storage, and application services in the cloud and extend those applications to a remote, portable, or handheld mobile device. The Thundercloud™ design pattern from Lockheed Martin has been implemented by using Windows Azure. Windows Azure is a cloud-based application development, service hosting, and service management environment that provides developers with on-demand compute and storage to host, scale, and manage web applications on the Internet through Microsoft data centers. By using Thundercloud™, an organization can keep information behind its own firewall, where it retains full control and exclusive use of its data and its own security, privacy, and compliance processes, and it can realize the elastic scale, agility, and cost benefits of cloud computing. By powering Thundercloud™ applications with Windows Azure, Lockheed Martin customers can add or remove computing resources to a solution quickly, paying only for what it uses. “Windows Azure has the elasticity and scalability we need to make Thundercloud™ work,” says Greer. “We can add or subtract computing, storage, and data-transfer resources for mission applications on demand; access the resources from any device via the Internet; and pay for them based on utilization.” Lockheed Martin developers use the Thundercloud™ design pattern and Windows Azure to build applications for customers, and Lockheed Martin customers can use the Thundercloud™ design pattern to build their own applications. Developers can build Thundercloud™-based applications with familiar tools, such as the Microsoft .NET Framework 3.5 and Microsoft SQL Azure, a self-managed database service built on technologies in Microsoft SQL Server 2008 data management software. Developers can use Windows Azure to enhance Thundercloud™-based applications by integrating on-premises enterprise data sets and security methods to computing resources in the cloud. By using Windows Azure, developers can work with applications that run Windows Azure and the Windows Server 2008 operating system, as well as Java, Ruby, PHP, and other technologies. “All of the standard Microsoft development tools fit right into the Windows Azure framework,” says Greer. “Developers can use the tools they know to build Thundercloud™-based applications and integrate them to the cloud with Windows Azure.” In order to effectively demonstrate the viability of the pattern, data portability from one cloud to another, interoperability between clouds, and extension of cloud services to multiple mobile devices, Lockheed Martin has built five innovative mission-focused end-user applications: Healthcare Case Management, Augmented Reality for First Responders, Weather and Ocean Observing, Records and Information Management, and Biometric-Enabled Identity Management. The company is working to develop a limited pilot of the biometric-enabled identity management application for the 2010 Caribbean Games in Puerto Rico to demonstrate how organizations can use Thundercloud™based applications and Windows Azure to accurately identify and quickly provide access for authorized personnel to both virtual and physical spaces. “With Windows Azure, we can support more robust, more adaptive, and more cost-effective solutions for our customers.” Melvin Greer, Chief Strategist, Cloud Computing, Information Systems and Global Solutions, Lockheed Martin In the biometric-enabled identity management scenario, athletes and other key personnel would submit a digital facial photograph along with other private identification information to the Games Organizing Committee, which will store the data in its own infrastructure under its own access controls. When an athlete wants to access a housing, training, or event facility, a security officer will photograph the athlete with a handheld device, such as a smartphone connected to a biometric processing engine hosted in Windows Azure. The biometric engine will process the photo and authenticate it against the biometric, personal, and other sensitive information kept behind the Organizing Committee’s firewall, and the security officer can view the result from the handheld device to confirm the athlete’s identity. Lockheed Martin believes that its customers can use the cloud-based biometric-enabled identity management solution to help control access to secure areas at military installations, government and financial institutions, airports, and large public events, such as the Olympic Games or a Presidential Inauguration. Benefits By using Windows Azure to implement the Thundercloud™ design pattern, Lockheed Martin is helping to accelerate the adoption of cloud computing in the U.S. federal government by enabling its government customers to maintain the security, privacy, and confidentiality they require, while delivering speed, agility, and costeffectiveness. The company can provide its customers with vast computing power, enhanced business flexibility, full control of their important data and processes, and the capabilities they need to meet a growing range of challenges. “We assist our customers with a wide range of mission capability, from space exploration to the managing and archiving of our nation’s records to protecting national security,” says Greer. “With Windows Azure, we can support more robust, more adaptive, and more costeffective solutions for our customers.” Agility with Control With the Thundercloud™ design pattern and Windows Azure, Lockheed Martin’s customers can preserve their confidential data in their own on-premises infrastructure and obtain the benefits of cloud computing. Lockheed Martin’s biometric-enabled identity management application demonstrates how the company’s customers can use Thundercloud™ and Windows Azure to gain the agility and lower costs associated with cloud computing, while maintaining full control over their own data and security processes. “That’s the beauty of Windows Azure,” says Greer. “By integrating an application with both the cloud and a customer’s onpremises infrastructure, and extending the capability via a mobile device, we can make sure that personal and private information never leaves the secure environment where it’s stored.” Enhanced Capacity at Lower Costs By using Windows Azure, Lockheed Martin ensures that its customers can take advantage of cloud computing to enhance their IT capacity, while reducing the costs they would otherwise incur to purchase, manage, and maintain an expanded onpremises IT infrastructure. “Our customers believe that, by using cloud computing, they can save between 40 and 60 percent of the infrastructure cost that they would normally spend in order to achieve the same capabilities,” says Greer. “With Windows Azure, we’ve been able to achieve the kind of productivity and speed that our customers expect.” Melvin Greer, Chief Strategist, Cloud Computing, Information Systems and Global Solutions, Lockheed Martin “The federal government spends nearly $80 billion on IT capabilities so that’s a significant amount of potential savings.” Power and Flexibility on Demand By making it easier for federal agencies to take advantage of IT resources in the cloud, Lockheed Martin can offer its customers the computing power and business agility they need. For example, by using the Thundercloud™ biometric-enabled identity management solution, an organization can very quickly process extremely complex biometric parameters, such as facial recognition, retinal or fingerprint scans, and voice recognition, without having to make a major infrastructure investment. What’s more, if the organization has to add 1,000 more security locations or otherwise modify its Thundercloud™-based application, it can use Windows Azure to automatically scale up its required computing needs and pay only for what it uses. “If a threat level changes, or a new threat is identified, we can use Windows Azure to modify the application and redeploy it to every stakeholder extremely quickly,” says Greer. High Efficiency Because they can use their existing development experience to build Thundercloud™-based applications with Windows Azure, Lockheed Martin’s customers and its own developers can develop new capabilities quickly and at lower cost. In fact, Lockheed Martin was able to use Windows Azure and familiar development tools in Windows Azure to develop the Thundercloud™-based biometric-enabled identity management solution in only 10 weeks, a project Greer estimates might have taken much longer otherwise. That is more time that Lockheed Martin developers now have to innovate updates based on customized mission requirements. “That is the kind of efficiency that is very difficult to achieve,” says Greer. “Our customers already understand the capabilities of cloud computing. They know how to search an application store and start using new applications almost instantly. With Windows Azure, we’ve been able to achieve the kind of productivity and speed that our customers expect.” For More Information Windows Azure For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 4269400. In Canada, call the Microsoft Canada Information Centre at (877) 5682495. Customers in the United States and Canada who are deaf or hard-of-hearing can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to: www.microsoft.com Windows Azure provides developers the functionality to build applications that span from consumer to enterprise scenarios. The key components of Windows Azure are: For more information about Lockheed Martin products and services, visit the website at: www.lockheedmartin.com Additional Resources: Training: Channel9 Windows Azure Training Course Download: Windows Azure Training Kit Download: Windows Azure SDK White paper: Security Best Practices for Developing Windows Azure Applications Windows Azure. Windows Azure is a development, service hosting, and service management environment. It provides developers with on-demand compute, storage, bandwidth, content delivery, middleware, and marketplace capabilities to build, host, and scale web applications through Microsoft data centers. Microsoft SQL Azure. Microsoft SQL Azure is a self-managed, multitenant relational cloud database service built on Microsoft SQL Server technologies. It provides built-in high availability, fault tolerance, and scale-out database capabilities, as well as cloud-based data synchronization and reporting, to build custom enterprise and web applications and extend the reach of data assets. To learn more, visit: www.windowsazure.com Software and Services This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Document published July 2010 Windows Azure − Windows Azure − Microsoft SQL Azure Technologies − Microsoft .NET Framework 3.5